2016-03-31 31 views
0

I need your help, please. SignedXml CheckSignature returns false.

So, I created a document with an XML Signature in Java, and when I try to validate it in C# I get false. Then I signed the same document with C# and it is fine: it returns true.

Here is my XML generated by C#, which is valid:

<GovTalkMessage xmlns="http://www.govtalk.gov.uk/CM/envelope"> 
    <EnvelopeVersion>2.0</EnvelopeVersion> 
    <Header> 
    <MessageDetails> 
     <Class>*******</Class> 
     <Qualifier>request</Qualifier> 
     <Function>submit</Function> 
     <CorrelationID/> 
     <ResponseEndPoint PollInterval="0"/> 
     <GatewayTimestamp>2015-05-22 10:36:00 46</GatewayTimestamp> 
    </MessageDetails> 
    <SenderDetails> 
     <IDAuthentication> 
     <SenderID>*******</SenderID> 
     <Authentication> 
      <Method>clear</Method> 
      <Value>*******</Value> 
     </Authentication> 
     </IDAuthentication> 
     <EmailAddress>nomail</EmailAddress> 
    </SenderDetails> 
    </Header> 
    <Body> 
    <Message xmlns="urn:g3.ge:cra:call:CRA_Xcrms_ProcessRequest:v1"> 
     <Request> 
     <SubcontractId>*******</SubcontractId> 
     <Parameters> 
      <ECKeyValue xmlns="http://www.w3.org/2009/xmldsig11#" Id="e05606fa-f84f-4f03-b979-59e3ab07c431"> 
      <NamedCurve URI="urn:oid:1.3.36.3.3.2.8.1.1.7"/> 
      <PublicKey>BHCX/TfxYEqT+RkvWwe7FUwgcfYv4Delhn4Gh3VDwYdfiPNsbdSrpdTifdzjW4xF2t18Dv6oWHvnxj4vzulyLLU=</PublicKey> 
      <Signature xmlns="http://www.w3.org/2000/09/xmldsig#"> 
       <SignedInfo> 
       <CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"/> 
       <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> 
       <Reference URI="#e05606fa-f84f-4f03-b979-59e3ab07c431"> 
        <Transforms> 
        <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"/> 
        </Transforms> 
        <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> 
        <DigestValue>bkpr3QO9lbDyLHfN78AptsaAiDA=</DigestValue> 
       </Reference> 
       </SignedInfo> 
       <SignatureValue>tKSd9QHighByIW87N/Flkpt5KlaeOCQjT3ot3oNycNA5143GLjo/LZr6LyILiCef9fkLtxotnANXgAxtU2VQePKJcrqksKxwFeRQg4ZaPv5R41LbNQVNlgM1pa70JpFtRgFwFIm8qzKokcd0dpBG/i+Q3318CRKbAJHXqnOvCU3g8hgWhcKDo8KISkOkvVvDiOXLlmVVspYEc9Miz+2SlXK0psMcpEZTs8Qwl2eUabcQq457pV3sWw+kWQCWWBJbU2t2sXTLw2jqT4gSvz68Txn5WwS5km0ArdmEwN7DqEpBWd9ItSVlQuq45Xi7ymwuHB4cUkx0EYwFjeOa6Y4hZw==</SignatureValue> 
       <KeyInfo> 
       <X509Data> 
        <X509Certificate><!-- certificate omitted --></X509Certificate> 
       </X509Data> 
       </KeyInfo> 
      </Signature> 
      </ECKeyValue> 
     </Parameters> 
     </Request> 
    </Message> 
    </Body> 
</GovTalkMessage> 

I have generated these files a billion times, but the generated files look like this. Here:

<GovTalkMessage xmlns="http://www.govtalk.gov.uk/CM/envelope"> 
    <EnvelopeVersion>2.0</EnvelopeVersion> 
    <Header> 
    <MessageDetails> 
     <Class>**********</Class> 
     <Qualifier>request</Qualifier> 
     <Function>submit</Function> 
     <CorrelationID></CorrelationID> 
     <ResponseEndPoint PollInterval="0" /> 
     <GatewayTimestamp>2015-05-22 10:36:00 46</GatewayTimestamp> 
    </MessageDetails> 
    <SenderDetails> 
     <IDAuthentication> 
     <SenderID>*******</SenderID> 
     <Authentication> 
      <Method>clear</Method> 
      <Value>******</Value> 
     </Authentication> 
     </IDAuthentication> 
     <EmailAddress>nomail</EmailAddress> 
    </SenderDetails> 
    </Header> 
    <Body> 
    <Message xmlns="urn:g3.ge:cra:call:CRA_Xcrms_ProcessRequest:v1"> 
     <Request> 
     <SubcontractId>*********</SubcontractId> 
     <Parameters> 
      <ECKeyValue xmlns="http://www.w3.org/2009/xmldsig11#" Id="b8fab299-1f02-4952-bc51-51c1a801cfbd"> 
      <NamedCurve URI="urn:oid:1.3.36.3.3.2.8.1.1.7" /> 
      <PublicKey>BHeO8NM3siFsm/4wOuZfuYqxEyHITRIw10nck6VWmsQeIpJ7SA6octSy6CribK+I8CfALnlPCi0ugcfhtndJjRo=</PublicKey> 
      <Signature xmlns="http://www.w3.org/2000/09/xmldsig#"> 
       <SignedInfo> 
       <CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments" /> 
       <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" /> 
       <Reference URI="#b8fab299-1f02-4952-bc51-51c1a801cfbd"> 
        <Transforms> 
        <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments" /> 
        </Transforms> 
        <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> 
        <DigestValue>dj0zX2jwmWo31ZHQZ8QD/oCofWM=</DigestValue> 
       </Reference> 
       </SignedInfo> 
       <SignatureValue>WesZbraD0p0eW0GmhQ8ZpTyQ9Z3xiiWph/mIam2nhVPmXfJCdVVvPPxwL3IfseZLXUa4xQwOO4Goa6DOH8drqSbORdrHiTmB7f5QfeqL1kH3BB5sQuHWyHHtN37284e7/jB+1awxcyVkdE9Vk2lDsHmn4f3vjdk1tvKJOYlfsP0MEJQ4XG2fpCWgGebWHCy1oNUOI9X/hOLxQK+n5MVHM7hiO7xDcziSq2SgAOIoxHgAKEfDUR8fC1QPwQGTpClLoY2QD1wbv1h3FsnK9+Fg7Tx1g0iE6hyppb3dSveZBNWr8fOA9GMgeUzgB54bGQ8PPixRxIBs4L7Wb+Ro9qQG4w==</SignatureValue> 
       <KeyInfo> 
       <X509Data> 
        <X509Certificate><!-- certificate omitted --></X509Certificate> 
       </X509Data> 
       </KeyInfo> 
      </Signature> 
      </ECKeyValue> 
     </Parameters> 
     </Request> 
    </Message> 
    </Body> 
</GovTalkMessage> 

And that is my XML generated by Java. I have a problem with the files generated by Java. This is the C# code:

// the incoming XML request
string requestFromService = "myxmlFile.xml";

XmlDocument xmlDocument = new XmlDocument();
xmlDocument.LoadXml(Helpers.readAllFromFile(requestFromService));

XmlElement xml = xmlDocument.DocumentElement;
XmlElement keyValue = xml.GetElementsByTagName("ECKeyValue").Item(0) as XmlElement;

XmlElement signatureElement = xml.GetElementsByTagName("Signature").Item(0) as XmlElement;

// detach the Signature element from the signed element before checking
keyValue.RemoveChild(signatureElement);

var signedXml = new SignedXml(keyValue);
signedXml.LoadXml(signatureElement);
bool result = signedXml.CheckSignature();

Console.WriteLine(String.Format("Result : {0}", result));

How does System.Security.Cryptography.Xml.SignedXml work? Why is the XML signature not valid? Please help.

Answer

1

Please note that the formatting of the XML matters when signing.

If the documents are formatted as shown in the question, they contain a lot of whitespace. .NET normally ignores this. You need to set a flag to preserve the whitespace:

XmlDocument xmlDocument = new XmlDocument 
{ 
    PreserveWhitespace = true 
}; 
xmlDocument.LoadXml(Helpers.readAllFromFile(requestFromService)); 

Also, instead of removing the Signature element before validation, you should use the XML DSig enveloped transform, which does that for you.

+0

Also, "instead of removing the Signature element before validation, you should use the XML DSig enveloped transform, which does that for you" - how do I do that in Java? – gogagubi

+0

Are you using Apache Santuario? This [link](https://svn.apache.org/repos/asf/santuario/xml-security-java/trunk/samples/org/apache/xml/security/samples/signature/CreateSignature.java) shows how. You can define an enveloped signature. Basically, you add a transform for it: transforms.addTransform(Transforms.TRANSFORM_ENVELOPED_SIGNATURE); – Gedeon
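
The two points of the answer above in one C# program, as an added example that is not part of the original thread: it signs an indented element with an enveloped transform, then verifies the serialized result once with PreserveWhitespace = true (the check succeeds) and once with false (the digest no longer matches). The names Sample, Load and Verify, the Id k1 and the throwaway RSA key are constructed for the illustration; on modern .NET it assumes the System.Security.Cryptography.Xml package is referenced.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.Xml;
using System.Xml;

class EnvelopedSignatureDemo
{
    // Constructed sample, indented like the documents in the question.
    const string Sample =
        "<Parameters>\n  <ECKeyValue Id=\"k1\">\n    <PublicKey>AAAA</PublicKey>\n  </ECKeyValue>\n</Parameters>";

    static XmlDocument Load(string xml, bool preserveWhitespace)
    {
        var doc = new XmlDocument { PreserveWhitespace = preserveWhitespace };
        doc.LoadXml(xml);
        return doc;
    }

    // Verifies in place: the Signature element is NOT removed by hand.
    static bool Verify(string xml, bool preserveWhitespace, RSA trustedKey)
    {
        XmlDocument doc = Load(xml, preserveWhitespace);
        var sig = (XmlElement)doc.GetElementsByTagName("Signature", SignedXml.XmlDsigNamespaceUrl)[0];
        var signedXml = new SignedXml(doc);
        signedXml.LoadXml(sig);
        return signedXml.CheckSignature(trustedKey);
    }

    static void Main()
    {
        using RSA key = RSA.Create(2048); // throwaway demo key
        XmlDocument doc = Load(Sample, preserveWhitespace: true);
        var target = (XmlElement)doc.GetElementsByTagName("ECKeyValue")[0];

        var signedXml = new SignedXml(doc) { SigningKey = key };
        signedXml.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NWithCommentsTransformUrl;
        var reference = new Reference("#k1");
        // The enveloped transform drops the Signature child before digesting.
        reference.AddTransform(new XmlDsigEnvelopedSignatureTransform());
        reference.AddTransform(new XmlDsigExcC14NWithCommentsTransform());
        signedXml.AddReference(reference);
        signedXml.ComputeSignature();
        target.AppendChild(doc.ImportNode(signedXml.GetXml(), true));

        string wire = doc.OuterXml; // what the receiver gets
        Console.WriteLine("PreserveWhitespace=true : " + Verify(wire, true, key));
        Console.WriteLine("PreserveWhitespace=false: " + Verify(wire, false, key));
    }
}
```

Verify passes a key the receiver already holds; the parameterless CheckSignature() used in the question takes the key from the KeyInfo inside the message, so a true result there shows only that the content matches that embedded key, not who signed it.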
